I would like to see non-SMS two factor authentication (2FA), i.e. Google Authenticator, Symantec VIP, etc. I travel a lot and often swap out SIM cards, so the current system is very user unfriendly. Also, text message 2FA is less secure. Why does Revolut not offer leading edge security and convenience?

I’d say it’s for the sake of convenience.
If people are having issues realising they need to keep their number + SIM if they want to login, imagine making them realize they have to keep another app installed 24/7 that can not be as easily switched as a SIM.

What’s most disappointing is the fact that my old-school bank here in Germany has a nice app that I can use to verify transactions. Totally SIM-agnostic and super secure. No need to swap SIMs and much more difficult to hack. In the meantime, you have Revolut, which bills itself as high tech, modern, cutting edge, etc., go old-school and make life difficult for travelers.

This is not the first security flaw they found, it is actually the 3rd one, after looking into photo TAN a while ago (if I remember correctly) and then N26. All three of them app TAN systems. The major concept flaw is, as the main researcher pointed out at the chaos computer congress in winter, using both the app for online banking and the TAN app on the same device. And isn’t it ironic that a piece of software that was meant to make the system more secure actually created the back door?

If you want to talk “super secure”, you need setups like TAN generators that use chip cards for example.

Don’t get me wrong, I am not against app TAN. I just don’t think it qualifies for the label “super secure”.